Kaspersky Security Center Cloud Console
- Kaspersky Security Center Cloud Console Help
- What's new
- Kaspersky Security Center Cloud Console
- About Kaspersky Security Center Cloud Console
- Hardware and software requirements for Kaspersky Security Center Cloud Console
- Compatible Kaspersky applications and solutions
- Localization of Kaspersky Security Center Cloud Console
- Comparison of Kaspersky Security Center and Kaspersky Security Center Cloud Console
- Architecture and basic concepts
- Application licensing
- Licensing of Kaspersky Security Center Cloud Console
- About the trial mode of Kaspersky Security Center Cloud Console
- Using Kaspersky Marketplace to choose Kaspersky business solutions
- Licenses and the minimum number of devices for each license
- Events of the licensing limit exceeded
- Methods of distribution of the activation codes to the managed devices
- Adding a license key to the Administration Server repository
- Deploying a license key to client devices
- Automatic distribution of a license key
- Viewing information about license keys in use in the Administration Server repository
- Viewing information about the license keys used for a specific Kaspersky application
- Deleting a license key from the repository
- Viewing the list of devices where a Kaspersky application is not activated
- Revoking consent with an End User License Agreement
- Renewing licenses for Kaspersky applications
- Use of Kaspersky Security Center Cloud Console after the license expiration
- Licensing definitions
- Data provision
- Hardening Guide
- Interface of Kaspersky Security Center Cloud Console
- Initial configuration of Kaspersky Security Center Cloud Console
- Workspace management
- About workspace management in Kaspersky Security Center Cloud Console
- Getting started with Kaspersky Security Center Cloud Console
- Opening your Kaspersky Security Center Cloud Console workspace
- Returning to the list of workspaces
- Signing out of Kaspersky Security Center Cloud Console
- Managing the company and the list of workspaces
- Managing access to the company and its workspaces
- Resetting your password
- Editing the settings of an account in Kaspersky Security Center Cloud Console
- Selecting the data centers used to store Kaspersky Security Center Cloud Console information
- Access to public DNS servers
- Scenario: Creating a hierarchy of Administration Servers managed through Kaspersky Security Center Cloud Console
- Migration to Kaspersky Security Center Cloud Console
- About migration from Kaspersky Security Center Web Console
- Methods of migration to Kaspersky Security Center Cloud Console
- Scenario: Migration without a hierarchy of Administration Servers
- Migration wizard
- Migration with a hierarchy of Administration Servers
- Scenario: Migration of devices running Linux or macOS operating systems
- Scenario: Reverse migration from Kaspersky Security Center Cloud Console to Kaspersky Security Center
- Migration with virtual Administration Servers
- About migration from Kaspersky Endpoint Security Cloud
- About migration from Kaspersky Security Center Web Console
- Quick start wizard
- About quick start wizard
- Starting quick start wizard
- Step 1. Selecting installation packages to download
- Step 2. Configuring a proxy server
- Step 3. Configuring Kaspersky Security Network
- Step 4. Configuring third-party update management
- Step 5. Creating a basic network protection configuration
- Step 6. Closing the quick start wizard
- Kaspersky applications initial deployment
- Scenario: Kaspersky applications initial deployment
- Creating installation packages for Kaspersky applications
- Distributing installation packages to secondary Administration Servers
- Creating a stand-alone installation packages for Network Agent
- Viewing the list of stand-alone installation packages
- Creating custom installation packages
- Requirements for a distribution point
- Network Agent installation package settings
- Virtual infrastructure
- Usage of Network Agent for Windows, Linux, and macOS: Comparison
- Specifying settings for remote installation on Unix devices
- Replacing third-party security applications
- Options for manual installation of applications
- Forced deployment through the remote installation task of Kaspersky Security Center Cloud Console
- Protection deployment wizard
- Starting Protection deployment wizard
- Step 1. Selecting the installation package
- Step 2. Selecting Network Agent version
- Step 3. Selecting devices
- Step 4. Specifying the remote installation task settings
- Step 5. Restart management
- Step 6. Removing incompatible applications before installation
- Step 7. Moving devices to Managed devices
- Step 8. Selecting accounts to access devices
- Step 9. Starting installation
- Network settings for interaction with external services
- Preparing a device running Astra Linux in the closed software environment mode for installation of Network Agent
- Preparing a Linux device and installing Network Agent on a Linux device remotely
- Installing applications by using a remote installation task
- Starting and stopping Kaspersky applications
- Mobile Device Management
- Detection and response capabilities
- Discovering networked devices and creating administration groups
- Scenario: Discovering networked devices
- Network polling
- Adjustment of distribution points and connection gateways
- Calculating the number and configuration of distribution points
- Standard configuration of distribution points: Single office
- Standard configuration of distribution points: Multiple small remote offices
- Assigning distribution points manually
- Modifying the list of distribution points for an administration group
- Using a distribution point as a push server
- Using the "Do not disconnect from the Administration Server" option to provide continuous connectivity between a managed device and the Administration Server
- Creating administration groups
- Creating device moving rules
- Copying device moving rules
- Adding devices to an administration group manually
- Moving devices or clusters to an administration group manually
- Configuring retention rules for unassigned devices
- Configuring network protection
- Scenario: Configuring network protection
- About device-centric and user-centric security management approaches
- Policy setup and propagation: Device-centric approach
- Policy setup and propagation: User-centric approach
- Network Agent policy settings
- Comparison of Network Agent policy settings by operating systems
- Manual setup of the Kaspersky Endpoint Security policy
- Manual setup of the group update task for Kaspersky Endpoint Security
- Tasks
- Managing client devices
- Settings of a managed device
- Device selections
- Viewing and configuring the actions when devices show inactivity
- About device statuses
- Configuring the switching of device statuses
- Changing the Administration Server for client devices
- Avoiding conflicts between multiple Administration Servers
- Creating Administration Server connection profiles
- About clusters and server arrays
- Properties of a cluster or server array
- Device tags
- Creating a device tag
- Renaming a device tag
- Deleting a device tag
- Viewing devices to which a tag is assigned
- Viewing tags assigned to a device
- Tagging devices manually
- Removing assigned tags from devices
- Viewing rules for tagging devices automatically
- Editing a rule for tagging devices automatically
- Creating a rule for tagging devices automatically
- Running rules for auto-tagging devices
- Deleting a rule for tagging devices automatically
- Quarantine and Backup
- Remote diagnostics of client devices
- Opening the remote diagnostics window
- Enabling and disabling tracing for applications
- Downloading trace files of an application
- Deleting trace files
- Downloading application settings
- Downloading system information from a client device
- Downloading event logs
- Starting, stopping, restarting the application
- Running the remote diagnostics of an application and downloading the results
- Running an application on a client device
- Generating a dump file for an application
- Remotely connecting to the desktop of a client device
- Connecting to devices through Windows Desktop Sharing
- Triggering of rules in Smart Training mode
- Managing administration groups
- Policies and policy profiles
- About policies
- About lock and locked settings
- Inheritance of policies and policy profiles
- Managing policies
- Viewing the list of policies
- Creating a policy
- Modifying a policy
- General policy settings
- Enabling and disabling a policy inheritance option
- Copying a policy
- Moving a policy
- Exporting a policy
- Importing a policy
- Viewing the policy distribution status chart
- Activating a policy automatically at the Virus outbreak event
- Forced synchronization
- Deleting a policy
- Managing policy profiles
- Data encryption and protection
- Users and user roles
- About user accounts
- Adding an account of an internal user
- About user roles
- Configuring access rights to application features. Role-based access control
- Assigning a role to a user or a security group
- Creating a user role
- Editing a user role
- Editing the scope of a user role
- Deleting a user role
- Associating policy profiles with roles
- Creating a security group
- Editing a security group
- Adding user accounts to an internal group
- Deleting a security group
- Configuring ADFS integration
- Configuring integration with Microsoft Entra ID
- Assigning a user as a device owner
- Assigning a user as a Linux device owner after installation of Network Agent
- Managing object revisions
- Kaspersky Security Network (KSN)
- Deletion of objects
- Updating Kaspersky databases and applications
- Scenario: Regular updating of Kaspersky databases and applications
- About updating Kaspersky databases, software modules, and applications
- Creating the task for downloading updates to the repositories of distribution points
- Configuring managed devices to receive updates only from distribution points
- Enabling and disabling automatic updating and patching for Kaspersky Security Center Cloud Console components
- Automatic installation of updates for Kaspersky Endpoint Security for Windows
- About update statuses
- Approving and declining software updates
- Using diff files for updating Kaspersky databases and software modules
- Updating Kaspersky databases and software modules on offline devices
- Updating Kaspersky Security for Windows Server databases
- Managing third-party applications on client devices
- Limitations of Vulnerability and patch management
- Availability of Vulnerability and patch management features in trial and commercial mode and under various licensing options
- About third-party applications
- Third-party software updates
- Scenario: Updating third-party software
- Installing third-party software updates
- Creating the Find vulnerabilities and required updates task
- Find vulnerabilities and required updates task settings
- Creating the Install required updates and fix vulnerabilities task
- Adding rules for update installation
- Creating the Install Windows Update updates task
- Viewing information about available third-party software updates
- Exporting the list of available software updates to a file
- Approving and declining third-party software updates
- Updating third-party applications automatically
- Finding and fixing software vulnerabilities
- Fixing software vulnerabilities
- Creating the Fix vulnerabilities task
- Creating the Install required updates and fix vulnerabilities task
- Adding rules for update installation
- Viewing information about software vulnerabilities detected on all managed devices
- Viewing information about software vulnerabilities detected on the selected managed device
- Viewing statistics of vulnerabilities on managed devices
- Exporting the list of software vulnerabilities to a file
- Ignoring software vulnerabilities
- Scenario: Finding and fixing software vulnerabilities
- Setting the maximum storage period for the information about fixed vulnerabilities
- Managing applications run on client devices
- Using Application Control to manage executable files
- Application Control modes and categories
- Obtaining and viewing a list of applications installed on client devices
- Obtaining and viewing a list of executable files installed on client devices
- Creating application category with content added manually
- Creating application category that includes executable files from selected devices
- Viewing the list of application categories
- Configuring Application Control in the Kaspersky Endpoint Security for Windows policy
- Adding event-related executable files to the application category
- Creating an installation package of a third-party application from the Kaspersky database
- Viewing and modifying the settings of an installation package of a third-party application from the Kaspersky database
- Settings of an installation package of a third-party application from the Kaspersky database
- Application tags
- Configuring Administration Server
- Creating a hierarchy of Administration Servers: adding a secondary Administration Server
- Configuring storage term of events concerning to the deleted devices
- Aggregate emails about events
- Limitations on management of secondary Administration Servers running on-premises through Kaspersky Security Center Cloud Console
- Viewing the list of secondary Administration Servers
- Deleting a hierarchy of Administration Servers
- Configuring the interface
- Managing virtual Administration Servers
- Monitoring and reporting
- Scenario: Monitoring and reporting
- About types of monitoring and reporting
- Dashboard and widgets
- Reports
- Events and event selections
- About events in Kaspersky Security Center Cloud Console
- Events of Kaspersky Security Center Cloud Console components
- Using event selections
- Creating an event selection
- Editing an event selection
- Viewing a list of an event selection
- Exporting an event selection
- Importing an event selection
- Viewing details of an event
- Exporting events to a file
- Viewing an object history from an event
- Logging information about events for tasks and policies
- Deleting events
- Deleting event selections
- Notifications and device statuses
- Kaspersky announcements
- Receiving license expiration warning
- Cloud Discovery
- Remote diagnostics of client devices
- Opening the remote diagnostics window
- Enabling and disabling tracing for applications
- Downloading trace files of an application
- Deleting trace files
- Downloading application settings
- Downloading system information from a client device
- Downloading event logs
- Starting, stopping, restarting the application
- Running the remote diagnostics of an application and downloading the results
- Running an application on a client device
- Generating a dump file for an application
- Running remote diagnostics on a Linux-based client device
- Exporting events to SIEM systems
- Configuring event export to SIEM systems
- Before you begin
- About event export
- Configuring an event export in a SIEM system
- Marking of events for export to SIEM systems in Syslog format
- About exporting events using Syslog format
- Configuring Kaspersky Security Center Cloud Console for export of events to a SIEM system
- Viewing export results
- Quick Start Guide for Managed Service Providers (MSPs)
- About Kaspersky Security Center Cloud Console
- Getting started with Kaspersky Security Center Cloud Console
- Recommendations on managing your customers' devices
- Typical deployment scheme for MSPs
- Scenario: Protection deployment (tenant management through virtual Administration Servers)
- Scenario: Protection deployment (tenant management through administration groups)
- Joint usage of Kaspersky Security Center on-premises and Kaspersky Security Center Cloud Console
- Licensing of Kaspersky applications for MSPs
- Monitoring and reporting capabilities for MSPs
- Working with Kaspersky Security Center Cloud Console in a cloud environment
- Licensing options in a cloud environment
- Preparing for work in a cloud environment through Kaspersky Security Center Cloud Console
- Cloud environment configuration wizard in Kaspersky Security Center Cloud Console
- Step 1. Checking the required plug-ins and installation packages
- Step 2. Selecting the application activation method
- Step 3. Selecting the cloud environment and authorization
- Step 4. Segment polling and configuring synchronization with Cloud
- Step 5. Selecting an application to create a policy and tasks for
- Step 6. Configuring Kaspersky Security Network for Kaspersky Security Center Cloud Console
- Step 7. Creating an initial configuration of protection
- Network segment polling via Kaspersky Security Center Cloud Console
- Adding connections for cloud segment polling via Kaspersky Security Center Cloud Console
- Deleting a connection for cloud segment polling
- Configuring the polling schedule via Kaspersky Security Center Cloud Console
- Viewing the results of cloud segment polling via Kaspersky Security Center Cloud Console
- Viewing the properties of cloud devices via Kaspersky Security Center Cloud Console
- Synchronization with Cloud: Configuring the moving rule
- Remote installation of applications to the Azure virtual machines
- Contact Technical Support
- Sources of information about the application
- Known issues
- Glossary
- Account on Kaspersky Security Center Cloud Console
- Active key
- Additional (or reserve) license key
- Administration group
- Administration Server
- Amazon EC2 instance
- Amazon Machine Image (AMI)
- Anti-virus databases
- Application tag
- Authentication Agent
- Available update
- AWS Application Program Interface (AWS API)
- AWS IAM access key
- AWS Management Console
- Broadcast domain
- Centralized application management
- Cloud Discovery
- Connection gateway
- Demilitarized zone (DMZ)
- Device owner
- Device tag
- Direct application management
- Distribution point
- Event repository
- Event severity
- Forced installation
- Group task
- Home Administration Server
- HTTPS
- IAM role
- IAM user
- Identity and Access Management (IAM)
- Incompatible application
- Installation package
- JavaScript
- Kaspersky Next Expert View
- Kaspersky Private Security Network (KPSN)
- Kaspersky Security Center Cloud Console Administrator
- Kaspersky Security Center Cloud Console Operator
- Kaspersky Security Network (KSN)
- Kaspersky update servers
- Key file
- License term
- Local installation
- Local task
- Managed device
- Management web plug-in
- Network Agent
- Network anti-virus protection
- Network protection status
- Patch importance level
- Policy
- Policy profile
- Program settings
- Protection status
- Quarantine
- Remote installation
- Restoration
- SSL
- Task
- Task for specific devices
- Task settings
- UEFI protection device
- Update
- Virtual Administration Server
- Virus activity threshold
- Virus outbreak
- Vulnerability
- Workspace
- Information about third-party code
- Trademark notices
Configuring a device selection
To configure a device selection:
- In the main menu, go to Assets (Devices) → Device selections.
A page with a list of device selections is displayed.
- Select the relevant user-defined device selection, and click the Properties button.
The Device selection settings window opens.
- On the General tab, click the New condition link.
- Specify conditions that must be met for including devices in this selection.
- Click the Save button.
The settings are applied and saved.
Below are descriptions of the conditions for assigning devices to a selection. Conditions are combined by using the OR logical operator: the selection will contain devices that comply with at least one of the listed conditions.
General
In the General section, you can change the name of the selection condition and specify whether that condition must be inverted:
Invert selection condition If this option is enabled, the specified selection condition will be inverted. The selection will include all devices that do not meet the condition. By default, this option is disabled.
Network infrastructure
In the Network subsection, you can specify the criteria that will be used to include devices in the selection according to their network data:
- Device name
Windows network name (NetBIOS name) of the device, or the IPv4 or IPv6 address.
- Domain
Displays all devices included in the specified Windows domain.
- Administration group
Displays devices included in the specified administration group.
- Description
Text in the device properties window: In the Description field of the General section.
To describe text in the Description field, you can use the following characters:
- Within a word:
- *. Replaces any string with any number of characters.
Example:
To describe words such as Server or Server's, you can enter Server*.
- ?. Replaces any single character.
Example:
To describe words such as Window or Windows, you can enter Windo?.
Asterisk (*) or question mark (?) cannot be used as the first character in the query.
- To find several words:
- Space. Displays all the devices whose descriptions contain any of the listed words.
Example:
To find a phrase that contains Secondary or Virtual words, you can include Secondary Virtual line in your query.
- +. When a plus sign precedes a word, all search results will contain this word.
Example:
To find a phrase that contains both Secondary and Virtual, enter the +Secondary+Virtual query.
- -. When a minus sign precedes a word, no search results will contain this word.
Example:
To find a phrase that contains Secondary and does not contain Virtual, enter the +Secondary-Virtual query.
- "<some text>". Text enclosed in quotation marks must be present in the text.
Example:
To find a phrase that contains Secondary Server word combination, you can enter "Secondary Server" in the query.
- Within a word:
- IP range
If this option is enabled, you can enter the initial and final IP addresses of the IP range in which the relevant devices must be included.
By default, this option is disabled.
- Managed by a different Administration Server
Select one of the following values:
- Yes. A device moving rule only applies to client devices managed by other Administration Servers. These Servers are different from the Server on which you configure the device moving rule.
- No. The device moving rule only applies to client devices managed by the current Administration Server.
- No value is selected. The condition does not apply.
In the Active Directory subsection, you can configure criteria for including devices into a selection based on their Active Directory data:
- Device is in an Active Directory organizational unit
If this option is enabled, the selection includes devices from the Active Directory organizational unit specified in the entry field.
By default, this option is disabled.
- Include child organizational units
If this option is enabled, the selection includes devices from all child organizational units of the specified Active Directory organizational unit.
By default, this option is disabled.
- This device is a member of an Active Directory group
If this option is enabled, the selection includes devices from the Active Directory group specified in the entry field.
By default, this option is disabled.
In the Network activity subsection, you can specify the criteria that will be used to include devices in the selection according to their network activity:
- Acts as a distribution point
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection includes devices that act as distribution points.
- No. Devices that act as distribution points are not included in the selection.
- No value is selected. The criterion will not be applied.
- Do not disconnect from the Administration Server
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Enabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is selected.
- Disabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is cleared.
- No value is selected. The criterion will not be applied.
- Connection profile switched
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection will include devices that connected to the Administration Server after the connection profile was switched.
- No. The selection will not include devices that connected to the Administration Server after the connection profile was switched.
- No value is selected. The criterion will not be applied.
- Last connected to Administration Server
You can use this check box to set a search criterion for devices according to the time they last connected to the Administration Server.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last connection was established between Network Agent installed on the client device and the Administration Server. The selection will include devices that fall within the specified interval.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- New devices detected by network poll
Searches for new devices that have been detected by network polling over the last few days.
If this option is enabled, the selection only includes new devices that have been detected by device discovery over the number of days specified in the Detection period (days) field.
If this option is disabled, the selection includes all devices that have been detected by device discovery.
By default, this option is disabled.
- Device is visible
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The application includes in the selection devices that are currently visible in the network.
- No. The application includes in the selection devices that are currently invisible in the network.
- No value is selected. The criterion will not be applied.
In the Cloud segments subsection, you can configure criteria for including devices in a selection according to their respective cloud segments:
- Device is in a cloud segment
If this option is enabled, you can choose devices from the AWS, Azure, and Google cloud segments.
If the Include child objects option is also enabled, the search is run on all child objects of the selected segment.
Search results include only devices from the selected segment.
- Device discovered by using the API
In the drop-down list, you can select whether a device is detected by API tools:
- Yes. The device is detected by using the AWS, Azure, or Google API.
- No. The device cannot be detected by using the AWS, Azure, or Google API. That is, the device is either outside the cloud environment or it is in the cloud environment but it cannot be detected by using an API.
- No value. This condition does not apply.
Device statuses
In the Managed device status subsection, you can configure criteria for including devices into a selection based on the description of the devices status from a managed application:
- Device status
Drop-down list in which you can select one of the device statuses: OK, Critical, or Warning.
- Real-time protection status
Drop-down list, in which you can select the real-time protection status. Devices with the specified real-time protection status are included in the selection.
- Device status description
In this field, you can select the check boxes next to conditions that, if met, assign one of the following statuses to the device: OK, Critical, or Warning.
In the Status of components in managed applications subsection, you can configure criteria for including devices in a selection according to the statuses of components in managed applications:
- Data Leakage Prevention status
Search for devices by the status of Data Leakage Prevention (Unknown, Stopped, Starting, Paused, Running, Failed).
- Collaboration servers protection status
Search for devices by the status of server collaboration protection (Unknown, Stopped, Starting, Paused, Running, Failed).
- Anti-virus protection status of mail servers
Search for devices by the status of Mail Server protection (Unknown, Stopped, Starting, Paused, Running, Failed).
- Endpoint Sensor status
Search for devices by the status of the Endpoint Sensor component (Unknown, Stopped, Starting, Paused, Running, Failed).
In the Status-affecting problems in managed applications subsection, you can specify the criteria that will be used to include devices in the selection according to the list of possible problems detected by a managed application. If at least one problem that you select exists on a device, the device will be included in the selection. When you select a problem listed for several applications, you have the option to select this problem in all of the lists automatically.
You can select check boxes for descriptions of statuses from the managed application; upon receipt of these statuses, the devices will be included in the selection. When you select a status listed for several applications, you have the option to select this status in all of the lists automatically.
System details
In the Operating system section, you can specify the criteria that will be used to include devices in the selection according to their operating system type.
- Platform type
If the check box is selected, you can select an operating system from the list. Devices with the specified operating systems installed are included in the search results.
- Operating system service pack version
In this field, you can specify the package version of the operating system (in the X.Y format), which will determine how the moving rule is applied to the device. By default, no version value is specified.
- Operating system bit size
In the drop-down list, you can select the architecture for the operating system, which will determine how the moving rule is applied to the device (Unknown, x86, AMD64, or IA64). By default, no option is selected in the list so that the operating system's architecture is not defined.
- Operating system build
This setting is applicable to Windows operating systems only.
The build number of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later build number. You can also configure searching for all build numbers except the specified one.
- Operating system release number
This setting is applicable to Windows operating systems only.
The release identifier (ID) of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later release ID. You can also configure searching for all release ID numbers except the specified one.
In the Virtual machines section, you can set up the criteria to include devices in the selection according to whether these are virtual machines or part of virtual desktop infrastructure (VDI):
- This is a virtual machine
In the drop-down list, you can select the following options:
- Undefined.
- No. Find devices that are not virtual machines.
- Yes. Find devices that are virtual machines.
- Virtual machine type
In the drop-down list, you can select the virtual machine manufacturer.
This drop-down list is available if the Yes or Not important value is selected in the This is a virtual machine drop-down list.
- Part of Virtual Desktop Infrastructure
In the drop-down list, you can select the following options:
- Undefined.
- No. Find devices that are not part of Virtual Desktop Infrastructure.
- Yes. Find devices that are part of the Virtual Desktop Infrastructure (VDI).
In the Hardware registry subsection, you can configure criteria for including devices into a selection based on their installed hardware:
Ensure that the lshw utility is installed on Linux devices from which you want to fetch hardware details. Hardware details fetched from virtual machines may be incomplete depending on the hypervisor used.
- Device
In the drop-down list, you can select a unit type. All devices with this unit are included in the search results.
The field supports the full-text search.
- Vendor
In the drop-down list, you can select the name of a unit manufacturer. All devices with this unit are included in the search results.
The field supports the full-text search.
- Device name
Name of the device in the Windows network. The device with the specified name is included in the selection.
- Description
Description of the device or hardware unit. Devices with the description specified in this field are included in the selection.
A device's description in any format can be entered in the properties window of that device. The field supports the full-text search.
- Device vendor
Name of the device manufacturer. Devices produced by the manufacturer specified in this field are included in the selection.
You can enter the manufacturer's name in the properties window of a device.
- Serial number
All hardware units with the serial number specified in this field will be included in the selection.
- Inventory number
Equipment with the inventory number specified in this field will be included in the selection.
- User
All hardware units of the user specified in this field will be included in the selection.
- Location
Location of the device or hardware unit (for example, at the HQ or a branch office). Computers or other devices that are deployed at the location specified in this field will be included in the selection.
You can describe the location of a device in any format in the properties window of that device.
- CPU clock rate, in MHz, from
The minimum clock rate of a CPU. Devices with a CPU that matches the clock rate range specified in the entry fields (inclusive) will be included in the selection.
- CPU clock rate, in MHz, to
The maximum clock rate of a CPU. Devices with a CPU that matches the clock rate range specified in the entry fields (inclusive) will be included in the selection.
- Number of virtual CPU cores, from
The minimum number of virtual CPU cores. Devices with a CPU that matches the range of the virtual cores number specified in the entry fields (inclusive) will be included in the selection.
- Number of virtual CPU cores, to
The maximum number of virtual CPU cores. Devices with a CPU that matches the range of the virtual cores number specified in the entry fields (inclusive) will be included in the selection.
- Hard drive volume, in GB, from
The minimum volume of the hard drive on the device. Devices with a hard drive that matches the volume range specified in the entry fields (inclusive) will be included in the selection.
- Hard drive volume, in GB, to
The maximum volume of the hard drive on the device. Devices with a hard drive that matches the volume range specified in the entry fields (inclusive) will be included in the selection.
- RAM size, in MB, from
The minimum size of the device RAM. Devices with RAM that matches the size range specified in the entry fields (inclusive) will be included in the selection.
- RAM size, in MB, to
The maximum size of the device RAM. Devices with RAM that matches the size range specified in the entry fields (inclusive) will be included in the selection.
Third-party software details
In the Applications registry subsection, you can set up the criteria to search for devices according to applications installed on them:
- Application name
Drop-down list in which you can select an application. Devices on which the specified application is installed, are included in the selection.
- Application version
Entry field in which you can specify the version of selected application.
- Vendor
Drop-down list in which you can select the manufacturer of an application installed on the device.
- Application status
A drop-down list in which you can select the status of an application (Installed, Not installed). Devices on which the specified application is installed or not installed, depending on the selected status, will be included in the selection.
- Find by update
If this option is enabled, search will be performed using the details of updates for applications installed on the relevant devices. After you select the check box, the Application name, Application version, and Application status fields change to Update name, Update version, and Status respectively.
By default, this option is disabled.
- Name of incompatible security application
Drop-down list in which you can select third-party security applications. During the search, devices on which the specified application is installed, are included in the selection.
- Application tag
In the drop-down list, you can select the application tag. All devices that have installed applications with the selected tag in the description are included in the device selection.
- Apply to devices without the specified tags
If this option is enabled, the selection includes devices with descriptions that contain none of the selected tags.
If this option is disabled, the criterion is not applied.
By default, this option is disabled.
In the Vulnerabilities and updates subsection, you can specify the criteria that will be used to include devices in the selection according to their Windows Update source:
WUA is switched to Administration Server You can select one of the following search options from the drop-down list:
Details of Kaspersky applications
In the Kaspersky applications subsection, you can configure criteria for including devices in a selection based on the selected managed application:
- Application name
In the drop-down list, you can set a criterion for including devices in a selection when search is performed by the name of a Kaspersky application.
The list provides only the names of applications with management plug-ins installed on the administrator's workstation.
If no application is selected, the criterion will not be applied.
- Application version
In the entry field, you can set a criterion for including devices in a selection when search is performed by the version number of a Kaspersky application.
If no version number is specified, the criterion will not be applied.
- Critical update name
In the entry field, you can set a criterion for including devices in a selection when search is performed by application name or by update package number.
If the field is left blank, the criterion will not be applied.
A drop-down list in which you can select the status of an application (Installed, Not installed). Devices on which the specified application is installed or not installed, depending on the selected status, will be included in the selection.
- Select the period of the last update of modules
You can use this option to set a criterion for searching devices by time of the last update of modules of applications installed on those devices.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last update of modules of applications installed on those devices was performed.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- Device is managed through Administration Server
In the drop-down list, you can include in the selection the devices managed through Kaspersky Security Center Cloud Console:
- Yes. The application includes in the selection devices managed through Kaspersky Security Center Cloud Console.
- No. The application includes devices in the selection if they are not managed through Kaspersky Security Center Cloud Console.
- No value is selected. The criterion will not be applied.
- Security application is installed
In the drop-down list, you can include in the selection all devices with the security application installed:
- Yes. The application includes in the selection all devices with the security application installed.
- No. The application includes in the selection all devices with no security application installed.
- No value is selected. The criterion will not be applied.
In the Anti-virus protection subsection, you can set up the criteria for including devices in a selection based on their protection status:
- Databases released
If this option is selected, you can search for client devices by anti-virus database release date. In the entry fields you can set the time interval, on the basis of which the search is performed.
By default, this option is disabled.
- Database records count
If this option is enabled, you can search for client devices by number of database records. In the entry fields you can set the lower and upper threshold values for anti-virus database records.
By default, this option is disabled.
- Last scanned
If this check option is enabled, you can search for client devices by time of the last malware scan. In the entry fields you can specify the time period within which the last malware scan was performed.
By default, this option is disabled.
- Threats detected
If this option is enabled, you can search for client devices by number of viruses detected. In the entry fields you can set the lower and upper threshold values for the number of viruses found.
By default, this option is disabled.
Advanced Encryption Standard (AES) symmetrical block cipher algorithm. In the drop-down list, you can select the encryption key size (56-bit, 128-bit, 192-bit, or 256-bit).
Available values: AES56, AES128, AES192, and AES256.
The Application components subsection contains the list of components of those applications that have corresponding management plug-ins installed in Kaspersky Security Center Cloud Console.
In the Application components subsection, you can specify criteria for including devices in a selection according to the statuses and version numbers of the components that refer to the application that you select:
- Status
Search for devices according to the component status sent by an application to the Administration Server. You can select one of the following statuses: N/A, Stopped, Paused, Starting, Running, Failed, Not installed, Not supported by license. If the selected component of the application installed on a managed device has the specified status, the device is included in the device selection.
Statuses sent by applications:
- Stopped—The component is disabled and not working at the moment.
- Paused—The component is suspended, for example, after the user has paused protection in the managed application.
- Starting—The component is currently in the process of initialization.
- Running—The component is enabled and working properly.
- Failed—An error has occurred during the component operation.
- Not installed—The user did not select the component for installation when configuring custom installation of the application.
- Not supported by license—The license does not cover the selected component.
Unlike other statuses, the N/A status is not sent by applications. This option shows that the applications have no information about the selected component status. For example, this can happen when the selected component does not belong to any of the applications installed on the device, or when the device is turned off.
- Version
Search for devices according to the version number of the component that you select in the list. You can type a version number, for example
3.4.1.0, and then specify whether the selected component must have an equal, earlier, or later version. You can also configure searching for all versions except the specified one.
Tags
In the Tags section, you can configure criteria for including devices into a selection based on key words (tags) that were previously added to the descriptions of managed devices:
Apply if at least one specified tag matches If this option is enabled, the search results will show devices with descriptions that contain at least one of the selected tags. If this option is disabled, the search results will only show devices with descriptions that contain all the selected tags. By default, this option is disabled.
To add tags to the criterion, click the Add button, and select tags by clicking the Tag entry field. Specify whether to include or exclude the devices with the selected tags in the device selection.
- All devices that have this tag
If this option is selected, the search results will display the devices whose descriptions contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
By default, this option is selected.
- All devices that do not have this tag
If this option is selected, the search results will display the devices whose descriptions do not contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
Users
In the Users section, you can set up the criteria to include devices in the selection according to the accounts of users who have logged in to the operating system.
- Last user who logged in to the system
If this option is enabled, you can select the user account for configuring the criterion. Note that the user list is filtered and displays internal users. The search results will include devices on which the selected user performed the last login to the system.
- User who logged in to the system at least once
If this option is enabled, you can select the user account for configuring the criterion. Note that the user list is filtered and displays internal users. The search results will include devices on which the specified user logged in to the system at least once.